Anomaly detection in the surveillance domain

Brax, Christoffer

January 2011

In the post September 11 era, the demand for security has increased in virtually all parts of the society. The need for increased security originates from the emergence of new threats which differ from the traditional ones in such a way that they cannot be easily defined and are sometimes unknown or hidden in the “noise” of daily life. When the threats are known and definable, methods based on situation recognition can be used find them. However, when the threats are hard or impossible to define, other approaches must be used. One such approach is data-driven anomaly detection, where a model of normalcy is built and used to find anomalies, that is, things that do not fit the normal model. Anomaly detection has been identified as one of many enabling technologies for increasing security in the society. In this thesis, the problem of how to detect anomalies in the surveillance domain is studied. This is done by a characterisation of the surveillance domain and a literature review that identifies a number of weaknesses in previous anomaly detection methods used in the surveillance domain. Examples of identified weaknesses include: the handling of contextual information, the inclusion of expert knowledge and the handling of joint attributes. Based on the findings from this study, a new anomaly detection method is proposed. The proposed method is evaluated with respect to detection performance and computational cost on a number datasets, recorded from real-world sensors, in different application areas of the surveillance domain. Additionally, the method is also compared to two other commonly used anomaly detection methods. Finally, the method is evaluated on a dataset with anomalies developed together with maritime subject matter experts. The conclusion of the thesis is that the proposed method has a number of strengths compared to previous methods and is suitable foruse in operative maritime command and control systems. / Christoffer Brax forskar också vid högskolan i Skövde, Informatics Research Centre / Christoffer Brax also does research at the University of Skövde, Informatics Research Centre

Anomaly Detection

Information Fusion

Visual Surveillance

Maritime Domain Awareness

Automated Risk Management Framework with Application to Big Maritime Data

Teske, Alexander

13 December 2018

Risk management is an essential tool for ensuring the safety and timeliness of maritime operations and transportation. Some of the many risk factors that can compromise the smooth operation of maritime activities include harsh weather and pirate activity. However, identifying and quantifying the extent of these risk factors for a particular vessel is not a trivial process. One challenge is that processing the vast amounts of automatic identification system (AIS) messages generated by the ships requires significant computational resources. Another is that the risk management process partially relies on human expertise, which can be timeconsuming and error-prone. In this thesis, an existing Risk Management Framework (RMF) is augmented to address these issues. A parallel/distributed version of the RMF is developed to e ciently process large volumes of AIS data and assess the risk levels of the corresponding vessels in near-real-time. A genetic fuzzy system is added to the RMF's Risk Assessment module in order to automatically learn the fuzzy rule base governing the risk assessment process, thereby reducing the reliance on human domain experts. A new weather risk feature is proposed, and an existing regional hostility feature is extended to automatically learn about pirate activity by ingesting unstructured news articles and incident reports. Finally, a geovisualization tool is developed to display the position and risk levels of ships at sea. Together, these contributions pave the way towards truly automatic risk management, a crucial component of modern maritime solutions. The outcomes of this thesis will contribute to enhance Larus Technologies' Total::Insight, a risk-aware decision support system successfully deployed in maritime scenarios.

Risk management

Fuzzy logic

Genetic fuzzy systems

Natural language processing

Maritime domain awareness

Parallel and distributed computing

Open Data for Anomaly Detection in Maritime Surveillance / Open Data for Anomaly Detection in Maritime Surveillance

Abghari, Shahrooz, Kazemi, Samira

January 2012

Context: Maritime Surveillance (MS) has received increased attention from a civilian perspective in recent years. Anomaly detection (AD) is one of the many techniques available for improving the safety and security in the MS domain. Maritime authorities utilize various confidential data sources for monitoring the maritime activities; however, a paradigm shift on the Internet has created new sources of data for MS. These newly identified data sources, which provide publicly accessible data, are the open data sources. Taking advantage of the open data sources in addition to the traditional sources of data in the AD process will increase the accuracy of the MS systems. Objectives: The goal is to investigate the potential open data as a complementary resource for AD in the MS domain. To achieve this goal, the first step is to identify the applicable open data sources for AD. Then, a framework for AD based on the integration of open and closed data sources is proposed. Finally, according to the proposed framework, an AD system with the ability of using open data sources is developed and the accuracy of the system and the validity of its results are evaluated. Methods: In order to measure the system accuracy, an experiment is performed by means of a two stage random sampling on the vessel traffic data and the number of true/false positive and negative alarms in the system is verified. To evaluate the validity of the system results, the system is used for a period of time by the subject matter experts from the Swedish Coastguard. The experts check the detected anomalies against the available data at the Coastguard in order to obtain the number of true and false alarms. Results: The experimental outcomes indicate that the accuracy of the system is 99%. In addition, the Coastguard validation results show that among the evaluated anomalies, 64.47% are true alarms, 26.32% are false and 9.21% belong to the vessels that remain unchecked due to the lack of corresponding data in the Coastguard data sources. Conclusions: This thesis concludes that using open data as a complementary resource for detecting anomalous behavior in the MS domain is not only feasible but also will improve the efficiency of the surveillance systems by increasing the accuracy and covering some unseen aspects of maritime activities. / This thesis investigated the potential open data as a complementary resource for Anomaly Detection (AD) in the Maritime Surveillance (MS) domain. A framework for AD was proposed based on the usage of open data sources along with other traditional sources of data. According to the proposed AD framework and the algorithms for implementing the expert rules, the Open Data Anomaly Detection System (ODADS) was developed. To evaluate the accuracy of the system, an experiment on the vessel traffic data was conducted and an accuracy of 99% was obtained for the system. There was a false negative case in the system results that decreased the accuracy. It was due to incorrect AIS data in a special situation that was not possible to be handled by the detection rules in the scope of this thesis. The validity of the results was investigated by the subject matter experts from the Swedish Coastguard. The validation results showed that the majority of the ODADS evaluated anomalies were true alarms. Moreover, a potential information gap in the closed data sources was observed during the validation process. Despite the high number of true alarms, the number of false alarms was also considerable that was mainly because of the inaccurate open data. This thesis provided insights into the open data as a complement to the common data sources in the MS domain and is concluded that using open data will improve the efficiency of the surveillance systems by increasing the accuracy and covering some unseen aspects of maritime activities.

open data

anomaly detection

maritime security

maritime domain awareness

Computer Sciences

Datavetenskap (datalogi)

Contextual behavioural modelling and classification of vessels in a maritime piracy situation

Dabrowski, Joel Janek

January 2014

In this study, a method is developed for modelling and classifying behaviour of maritime vessels in a piracy situation. Prior knowledge is used to construct a probabilistic graphical model of maritime vessel behaviour. This model is a novel variant of a dynamic Bayesian network (DBN), that extends the switching linear dynamic system (SLDS) to accommodate contextual information. A generative model and a classifier model are developed. The purpose of the generative model is to generate simulated data by modelling the behaviour of fishing vessels, transport vessels and pirate vessels in a maritime piracy situation. The vessels move, interact and perform various activities on a predefined map. A novel methodology for evaluating and optimising the generative model is proposed. This methodology can easily be adapted to other applications. The model is evaluated by comparing simulation results with 2011 pirate attack reports. The classifier model classifies maritime vessels into predefined categories according to their behaviour. The classification is performed by inferring the class of a vessel as a fishing, transport or pirate vessel class. The classification method is evaluated by classifying the data generated by the generative model and comparing it to the true classes of the simulated vessels. / Thesis (PhD)--University of Pretoria, 2014. / tm2015 / Electrical, Electronic and Computer Engineering / PhD / Unrestricted

UCTD

Maritime Domain Awareness

Maritime piracy

Behavioural Modelling

Sequential Analysis

Switching Linear Dynamic System

Information Fusion

Dynamic Bayesian Network

The systems integration of autonomous behavior analysis to create a "Maritime Smart Environment" for the enhancement of maritime domain awareness

Davis, Cledo L.

January 2010

Thesis (M.S. in Systems Engineering)--Naval Postgraduate School, June 2010. / Thesis Advisor(s): Goshorn, Rachel ; Goshorn, Deborah. "June 2010." Description based on title screen as viewed on June 24, 2010. Author(s) subject terms: Anomaly Detection, Artificial Intelligence, Automation, Behavior Analysis, Distributed Artificial Intelligence, Intelligence-Surveillance-Reconnaissance, Maritime Domain Awareness, Maritime Force Protection, Multi-agent Systems, Network-centric Operations, Network-centric Systems Engineering, Network-centric Warfare, Smart Sensor Networks, Systems Engineering, Systems Integration, System of Systems. Includes bibliographical references (p. 209-212). Also available in print.